Hackers give Anonymous a taste of their own medicine

Considering Anonymous’ disparate nature, with no central authority calling the shots, it’s a surprise its members have not turned on each other already. Antivirus firm Symantec reports that associates of the group are finding themselves victims of denial-of-service software that has been infected by a Trojan horse.

In previous attacks, Anonymous hacktivists have shown an affinity for Slowloris, a simple tool for DDoSing websites. The group distributes this software through a how-to guide on Pastebin. On January 20, however, hackers broke into this document and changed the Slowloris download links to a modified version of the software infected with Zeus, a popular Trojan horse.

The infected client still works as expected; behind the scenes, however, it’s doing much more. Zeus steals passwords as well as other credentials, including cookies. The link change occurred around the same time as the raid on Megaupload, Symantec says. Unless Anonymous checked the code behind the document, they would never have known anything changed.

It’s not clear how long the link has remained up, but the document has seen at least three major spikes in traffic. The guide was retweeted by the main Anonymous Twitter account in late January to 500,000 followers, just after the group retaliated against the Megaupload indictment by DDoSing the RIAA and DoJ websites. There was also the DDoS campaign around the Anti-Counterfeiting Trade Agreement a few days later, and the DDoS protest against the Syrian government last month. This bad link has been around the block quite a few times.

What we’re learning here is that there’s a serious flaw in how Anonymous works. Because the group is so amorphous and disparate, there is no control over its members. Incidents like this can easily happen because there’s nobody watching the hen house, and Pastebin isn’t exactly the most secure way to distribute information. Anonymous now knows this, and anyone who has downloaded Slowloris through the group since then had better check if they’re infected.

It is understandable that the group wishes to remain anonymous (excuse the pun), so it does not act as a single entity. But the right hand will never know what the left hand does in this group, so it’s highly doubtful this is the last time we’ll see hacker-on-hacker violence. Moral of the story here? DDoS at your own risk, or at least run some good antivirus software while you’re doing it.

As for who was behind the Pastebin hack in the first place, we may never know. The timing — January 20, just a day after the RIAA and DoJ DDoS — suggests that a federal agency might’ve been behind it, though.


I certainly wouldn’t dismiss a federal agency or other government security service ‘concerned for the common good’ bypassing privacy restraints and breaking laws to uphold what they perceive as important – in fact our freedoms depend on covert and clandestine operations such as this.

It’s the fact that they would be bitches to a bunch of theatrical drama queens though is hilarious and undermines any authority they would have previously earned.

That said, I wouldn’t insist that this is the case either – plenty of criminal types out there looking to make an easy buck by screwing people over – of course a fair number of them are the aforementioned drama queens demanding more pennies – but there are still a few common criminals in this world.

Anonymous

“It is understandable that the group wishes to remain anonymous (excuse the pun)”

CAN’T HOLD ALL THIS WIT.

Anonymous

figures…

James

Now day Anonymous are be increased

Anonymous

“its highly doubtful this is the last time we’ll see hacker-on-hacker violence”

Violence?

Who was stabbed, shot or beaten senseless?

What a silly statement.

Waltzin Matilda

Matthew Coleman

This article is bullshit. It heavily implies that Anonymous was the one that included the trojan with the software, but then ends the article by saying “a federal agency might have been behind it.” I think we can safely say there was a clear intention of labeling the structure of Anon as ‘bad’ before there was any actual logical conclusions being considered. Thanks for nothing Mr. Oswald.
